From: Russ Cox Date: Thu, 14 Sep 2017 03:07:38 +0000 (-0400) Subject: [dev.boringcrypto] crypto/rsa: fix boring GenerateKey to set non-nil Precomputed... X-Git-Tag: go1.19beta1~484^2~170 X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=a929f3a04d;p=gostls13.git [dev.boringcrypto] crypto/rsa: fix boring GenerateKey to set non-nil Precomputed.CRTValues This matches the standard GenerateKey and more importantly Precompute, so that if you generate a key and then store it, read it back, call Precompute on the new copy, and then do reflect.DeepEqual on the two copies, they will match. Before this CL, the original key had CRTValues == nil and the reconstituted key has CRTValues != nil (but len(CRTValues) == 0). Change-Id: I1ddc64342a50a1b65a48d827e4d564f1faab1945 Reviewed-on: https://go-review.googlesource.com/63914 Reviewed-by: Adam Langley --- diff --git a/src/crypto/rsa/boring_test.go b/src/crypto/rsa/boring_test.go index 0b19e92d74..f40e2748ca 100644 --- a/src/crypto/rsa/boring_test.go +++ b/src/crypto/rsa/boring_test.go @@ -158,6 +158,11 @@ func TestBoringRandGenerateKey(t *testing.T) { t.Fatalf("GenerateKey: wrong N\nhave %x\nwant %x", k.N, n) } r.checkOffset(35200) + + // Non-Boring GenerateKey always sets CRTValues to a non-nil (possibly empty) slice. + if k.Precomputed.CRTValues == nil { + t.Fatalf("GenerateKey: Precomputed.CRTValues = nil") + } } func TestBoringRandGenerateMultiPrimeKey(t *testing.T) { diff --git a/src/crypto/rsa/rsa.go b/src/crypto/rsa/rsa.go index 53b8f963f6..8e63185ec6 100644 --- a/src/crypto/rsa/rsa.go +++ b/src/crypto/rsa/rsa.go @@ -233,9 +233,10 @@ func GenerateMultiPrimeKey(random io.Reader, nprimes int, bits int) (*PrivateKey D: D, Primes: []*big.Int{P, Q}, Precomputed: PrecomputedValues{ - Dp: Dp, - Dq: Dq, - Qinv: Qinv, + Dp: Dp, + Dq: Dq, + Qinv: Qinv, + CRTValues: make([]CRTValue, 0), // non-nil, to match Precompute }, } return key, nil